[Bug] My account on save redirect to a 500 page

[Mte90]

Bug report

Looking at postChangePasswordForm it is a return redirect()->back(); but the url of the form is edit-account-info not change-password.

Also I am trying to understand why the password is saved but doesn't work on login, the one saved with the PermissionManager works for all the users but I am looking at that.

Is it a bug in the latest version of Backpack?

Yes, just checked

Backpack, Laravel, PHP, DB version

When I run php artisan backpack:version the output is:

PHP VERSION:

8.2.26

PHP EXTENSIONS:

Core, date, libxml, openssl, pcre, zlib, filter, hash, json, pcntl, random, Reflection, SPL, session, standard, sodium, mysqlnd, PDO, xml, bcmath, bz2, calendar, ctype, curl, dom, mbstring, FFI, fileinfo, ftp, gd, gettext, iconv, exif, mcrypt, mysqli, pdo_mysql, Phar, posix, readline, shmop, SimpleXML, sockets, sysvmsg, sysvsem, sysvshm, tokenizer, xmlreader, xmlwriter, xsl, zip, Zend OPcache

LARAVEL VERSION:

11.33.2.0

BACKPACK PACKAGE VERSIONS:

backpack/basset: 1.3.6
backpack/crud: 6.7.50
backpack/generators: v4.0.7
backpack/permissionmanager: 7.2.1
backpack/pro: 2.2.25
backpack/theme-tabler: 1.2.15

[welcome]

Hello there! Thanks for opening your first issue on this repo!

Just a heads-up: Here at Backpack we use GitHub Issues only for tracking bugs. Talk about new features is also acceptable. This helps a lot in keeping our focus on improving Backpack. If you issue is not a bug/feature, please help us out by closing the issue yourself and posting in the appropriate medium (see below). If you're not sure where it fits, it's ok, a community member will probably reply to help you with that.

Backpack communication channels:

• Bug Reports, Feature Requests - GitHub Issues (here);
• Quick help (How do I do X) - Gitter Chatroom;
• Long questions (I have done X and Y and it won't do Z wtf) - Stackoverflow, using the backpack-for-laravel tag;
• Showing off something you've made, asking for opinion on Backpack/Laravel matters - Reddit;

Please keep in mind Backpack offers no official / paid support. Whatever help you receive here, on Gitter, Slack or Stackoverflow is thanks to our awesome awesome community members, who give up some of their time to help their peers. If you want to join our community, just start pitching in. We take pride in being a welcoming bunch.

Thank you!

--
Justin Case
The Backpack Robot

[backpack-ai-bot]

🚨 Bot is not sure about this answer. Please verify. 🚨

Based on the information provided in the knowledge sources, I don't have enough specific details to fully address your issue. However, I can provide some general guidance and suggestions based on similar issues reported in Backpack:

1. Regarding the 500 error on save redirect:
   This could be related to a configuration issue or a problem with the save action. A similar issue was reported in this GitHub issue, where changing settings in the ui.php file caused a 500 error. You might want to check your configuration files, especially if you've recently made changes.

2. For the password saving issue:
   There have been reports of password hashing issues in Backpack. In this GitHub issue, a user reported problems with changing the encryption method. Make sure you're using the correct hashing method in your configuration and that it's consistent across your application.

3. Redirect issue:
   The mismatch between the form URL and the redirect might be causing problems. You could try overriding the postChangePasswordForm method in your controller to specify the correct redirect URL.

4. General troubleshooting:
   As suggested in this community forum post, you could try clearing various caches:

   php artisan config:clear
   php artisan cache:clear
   php artisan view:clear
   php artisan basset:clear
   

   Also, check your error logs for more detailed information about the 500 error.

If these suggestions don't resolve your issue, you might want to create a new issue on the Backpack CRUD GitHub repository with more detailed information about your specific setup and the steps to reproduce the problem.

ℹ️ Please note our AI Bot does not reply to follow-ups, this will be the only AI answer in this thread. If the AI helped you find the answer, please mark it as answered or write details below so it can learn. Then close the conversation. If not, please give more information for when a human reads this. ℹ️

Relevant sources:

Github Issue (closed): Plan password in case of user create crud[Bug]
Bug report
Github Issue (closed): [Bug] Edit about now broken after automatic "required fields"
Github Issue (closed): [Bug] Upgrade BackPack v5 to v6
Github Issue (closed): [Bug] Method encoding cannot be changed (argon/argon2id)
Github Issue (closed): the create and edit function does not work after updating to 5 version
Fix save action redirect url
Github Issue (closed): [Bug]
Github Issue (closed): [Bug] After change settings get 500 error
Github Issue (closed): [Bug]
Github Issue (closed): [Bug] ValidateRequest on StoreFunction redirect to form
Github Issue (closed): [Bug] SCDM Backpack Admin Panel
Bug report
Github Issue (closed): [Bug] SQLSTATE[42S02]: Base table or view not found: 1146 Table 'my_db.password_resets' doesn't exist (Connection: mysql, SQL: select * from password_resets where email = myemail limit 1)
Github Issue (closed): [Bug] Unable to save empty input with relation HasOne

[Mte90]

So I have this code in my User model:

    public function setPasswordAttribute($value)
    {
        if (!empty($value) && Hash::needsRehash($value)) {
            $this->attributes['password'] = Hash::make($value);
        }
    }

In this way avoids to hash again the password and in the User edit view from PermissionManager when I change the password it is saved rightly and that works.

In the edit user profile, requires to insert the old password and change it I get that 500 error with a green alert that the changes were saved.
When I try to login the password changed from the profile was not saved at all and the previous one still works.

[Mte90]

In other cases I am able to login with the password but I am not able to change it because the old password is not the same as the one in the db.

So probably there is something wrong happening between permission manager and login, I am using the option to use the nickname and not the email.

[Mte90]

Testing the code on https://github.com/Laravel-Backpack/CRUD/blob/main/src/app/Http/Controllers/MyAccountController.php#L67

Seems that $this->guard()->logoutOtherDevices($request->new_password); fails as if I put a dd after that line is not executed.
If I comment that line the redirect is executed but I am still not getting saved the new password.

I was able to fix it with that change and:

    public function setPasswordAttribute($value)
    {
        if (!empty($value) && Hash::needsRehash($value)) {
            $this->attributes['password'] = Hash::make($value);
        }

        $this->attributes['password'] = $value;
    }

[jcastroa87]

Hello @Mte90

Can you please share the model and if there is any override about user forms to replicate this in my side?
If you can, please share screenshots and step by step to see the problem in my side.

Cheers.

[Mte90]

<?php

namespace App\Models;

use app\Models\Bilancio;
use app\Models\Relazione;
// use Illuminate\Contracts\Auth\MustVerifyEmail;
use Backpack\CRUD\app\Models\Traits\CrudTrait;
use Illuminate\Database\Eloquent\Builder;
use Illuminate\Database\Eloquent\Factories\HasFactory;
use Illuminate\Foundation\Auth\User as Authenticatable;
use Illuminate\Notifications\Notifiable;
use Spatie\Permission\Traits\HasRoles;
use Illuminate\Support\Facades\Hash;

class User extends Authenticatable
{
    use CrudTrait;
    /** @use HasFactory<\Database\Factories\UserFactory> */
    use HasFactory, Notifiable;
    use HasRoles;

    public $identifiableAttribute = 'name';

    /**
     * The attributes that are mass assignable.
     *
     * @var array<int, string>
     */
    protected $fillable = [
        'name',
        'email',
        'password',
    ];

    /**
     * The attributes that should be hidden for serialization.
     *
     * @var array<int, string>
     */
    protected $hidden = [
        'password',
        'remember_token',
    ];

    protected static function boot()
    {
        parent::boot();

        // Order by name ASC
        static::addGlobalScope('order', function (Builder $builder) {
            $builder->orderBy('name', 'asc');
        });
    }

    /**
     * Get the attributes that should be cast.
     *
     * @return array<string, string>
     */
    protected function casts(): array
    {
        return [
            'email_verified_at' => 'datetime',
            'password' => 'hashed',
        ];
    }

    public function setPasswordAttribute($value)
    {
        if (!empty($value) && Hash::needsRehash($value)) {
            $this->attributes['password'] = Hash::make($value);
        } else {
            $this->attributes['password'] = $value;
        }
    }
}

As you can see it is very basic.